Enso Research Identifies ‘Toxic Pools,’ A Hidden DeFi Risk That Can Manipulate Trade Execution Outcomes
In Brief
Enso research identifies “toxic pools,” a new DeFi threat that manipulates transaction simulations to distort execution outcomes for users.

Enso has released research identifying a new category of malicious liquidity pools, referred to as “toxic pools,” which can display accurate trading estimates during transaction simulations while producing significantly different results after execution on-chain. The study suggests that the issue may represent a broader challenge for decentralized finance (DeFi) infrastructure as more applications rely on simulated transactions to determine optimal trading routes.
According to Enso, toxic pools are designed to exploit the gap between simulated and actual blockchain execution. While wallets and aggregators may receive favorable price estimates during the simulation stage, these pools can alter their behavior after transactions are confirmed, resulting in poorer execution outcomes for users while still appearing as viable routing options.
The research was conducted over approximately two months and involved on-chain forensic analysis using archive-node RPC data, transaction tracing, smart contract reviews, and independent validation with support from industry contacts at Curve and Oku. Enso identified two active toxic pools operating across separate protocols, indicating that the technique could potentially be reproduced across different DeFi environments.
Manipulating Execution Quotes Across DeFi Infrastructure
The report distinguishes toxic pools from traditional MEV strategies or normal slippage events, noting that these mechanisms specifically target transaction simulation systems. By providing attractive simulated prices while changing execution conditions after transactions are submitted, malicious pools can influence routing decisions made by wallets and aggregation platforms.
The investigation examined two cases involving Ethereum and Polygon. In one instance, a modified Curve pool processed more than 129,000 successful swaps while providing execution outcomes below quoted expectations. The activity resulted in approximately $225,000 in overstated quotes, more than 37,000 failed transactions, and nearly $30,000 in gas costs associated with unsuccessful swaps. In another case, a malicious Uniswap v4 hook caused a 99.1% transaction failure rate after repeatedly attracting routing systems.
Enso noted that the threat differs from traditional smart contract exploits because it targets confidence in the transaction quoting process rather than a specific protocol vulnerability. If routing systems cannot identify manipulated pricing information, users may continue receiving trade recommendations based on execution paths that cannot deliver the expected results.
The research also found that one Ethereum-based toxic pool did not operate maliciously at all times. Instead, it switched between normal and manipulated behavior, making single simulations and manual assessments less effective. Researchers additionally identified several oracle contracts linked to the same operator, suggesting the approach could potentially be applied to additional pools.
“Our investigation leads us to believe this is not simply another isolated smart contract exploit,” said Milos Costantini, Co-Founder and CPO at Enso in a written statement. “The industry has spent years optimizing price discovery. Our findings suggest the next challenge is verifying execution integrity. If transaction simulations can be manipulated while real execution tells a different story, we need better ways to verify what users actually receive,” he added.
Following the publication of the research, Enso expanded its Enso Shield execution-protection system with additional toxic-pool detection and verification features. The system is designed to analyze real-time blockchain conditions, monitor quote consistency over time, and use transaction traces to identify discrepancies that may not appear in standard simulations.
Enso said the findings highlight wider concerns regarding execution reliability across wallets, aggregators, decentralized exchange aggregators, and other DeFi infrastructure providers that depend on simulated transaction data. The company called for further industry research and independent analysis to better understand and address potential risks associated with manipulated execution environments.
Disclaimer
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.
About The Author
Alisa, a dedicated journalist at the MPost, specializes in crypto, AI, investments, and the expansive realm of Web3. With a keen eye for emerging trends and technologies, she delivers comprehensive coverage to inform and engage readers in the ever-evolving landscape of digital finance.
More articles
Alisa, a dedicated journalist at the MPost, specializes in crypto, AI, investments, and the expansive realm of Web3. With a keen eye for emerging trends and technologies, she delivers comprehensive coverage to inform and engage readers in the ever-evolving landscape of digital finance.



